General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Can the GlobalProtect Portal be disabled?

I would like to disable the GlobalProtect portal. We would like to control the deployment and installation of the GP client with other tools, and not have this outside logon page availabe to the world, but I still want to be able use the GP Client. C

...

vWire Fails in BGP

Hi,

We have a deployment of Palo Alto in vWire mode. But after it was setup, bgp is no longer functioning. I already created an allow all policy but it didn't work as well. Any advise that can help me to make this work?

Thanks,

Rex

Resolved! The java.tomdep worm ?

Hi,

symantec announce a worm named java.tomdep,

Ref link :

http://www.symantec.com/security_response/writeup.jsp?docid=2013-111815-1359-99

Can Paloalto with Threat Prevention can stop this threat ?

Regards

Hey guys have any of you ever come across this issue:

I was looking at some logs and noticed data displayed in the screenshot below. There are several things highly questionable about the data displayed here:

- The Start Time is in 2031, and the receive time is 2013.
- Bytes Received is about 2 exabytes

...

Today I had 2 cases opened for the same problem 179616 and179728

I would like to have further discussion on this it seems that we now have a very broad policy at the top of our blocking list which contradicts the first rule of firewalls.

Resolved! Populating Panorama from an existing firewall.

We have a lab PA2050 that I have tweaked to exactly where I want it to be. We are now trying to add it to a lab Panorama and I would like to populate Panorama with all of the policies and objects from the lab 2050. I exported the running config to an

...

Failed to get CRL http:// ...

Im getting tons of failed to get CRL errors in my logs all of the sudden. Im not sure what I did (if anything) to cause this.

Ive tried to fix it,

I tried to enable "Server CRL"
I did a nslookup on crl.verisign.com and I cant see any connections outbou

...

Resolved! Security Policy Configuration.

Hi Gents, here is my PA design as active active.

to be clear, the server farm is connected to the Core switches, and the Clients are connected to both Agg switches.

the PA Configuration is in VWire mode.

the question here is, when I create a security po

...

Methods for creating security policies

When creating security policies would it be better to create a separate policy for inbound and outbound traffic, trusted and untrusted, per user group or one policy to manage both ways to minimize number of policies

Resolved! No app ID for for WinRM, port 5985?

I am trying to add WinRM to a allowed policy and I am not finding the app for it. Does PA call it something different? I was thinking there was a way to search the app db by port but nothing is coming up.

Resolved! GRE protocol traffic

Hello to All,

I noticed some strange behavior regarding GRE protocol, and try to explain what exactly is strange:

Customer has unfortunate GRE VPN tunnel and in one policy "Public_ulaz_GRE" they stated to pass only GRE and NVGRE protocol respectively.

...

Setting Restricted Access to Certain GlobalProtect Users

All,

I am a PA beginner so bare with me. I am trying to restrict access to only a few servers to several of our GlobalProtect VPN users. I could set these users into groups but how would I restrict access for each group? We have a PA-500 with 5.0.6 OS

...

Captive Portal - need help with configuration

Hello

I'm using CP since over 6 months. It's working quite good.

I moved my servers from internet (untrust zone) to my DMZ zone. I realized that traffic between WiFi network and servers in DMZ (using public adreses) is allowed without CP.

In WiFi zone I

...

Application and Threat Summary report

Hello,

i am confused a little bit when i found out that 10.0.0.0-10.255.255.255 is listed in Top 5 Destination country. What actually refers 10.0.0.0-10.255.255.255 in this instance?

Regards,

Resolved! schedule dynamic updates from Panorama

Dear,

I was wondering if it was possible to schedule a dynamic update (download&install) from Panorama.

I know I can configure dynamic updates from the panorama (templates/device/dynamic updates). But I don't want my devices to download the dynamic upd

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free